ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Symantec Identity Manager / Suite - CVE-2022-22965 (Spring Framework Vulnerability)


Article ID: 238654


Updated On:


CA Identity Suite CA Identity Manager CA Identity Governance CA Identity Portal


There was a recent vulnerability notification regarding CVE-2022-22965 (Spring Framework Vulnerability) which revolves around Java 9.x. Are any of the Identity Suite components vulnerable? 


Release : 14.X

Component : IdentityMinder(Identity Manager)

Component : IdentityPortal(Identity Portal)

Component : IdentityGovernance(Identity Governance)

Component : IdentitySuite(Identity Suite)


All Identity Suite components have been reviewed by engineering and development and it has been determined that all components are not vulnerable. This includes the standalone and VAPP versions.

Please reference the below advisory board for all Symantec security products.